[PATCH v1 0/3] qemu: add luks-any encryption support for RBD images

Monday, 6 March 2023

Starting from Ceph 0f93f745 (unreleased 18.0.0) and qemu b8f218ef (unreleased 8.0.0),
qemu and librbd users can use a wildcard format ("luks-any" in qemu,
"luks" in librbd).
This format can be used to parse the image as either LUKS or LUKS2, auto-detecting
the actual format from the on-disk header.

This patch series enables libvirt users to use this wildcard format as well
(for RBD images only, of course).

I manually patched the qemu 8.0.0 replies file to reflect relevant qemu support,
to allow my tests to run.
Note that any build qemu will not support this feature, unless compiled
while having a librbd that has this feature bundled.

Or Ozeri (3):
  tests: qemucapabilitiesdata: Add luks-any encryption format
  qemu: capabilities: Introduce QEMU_CAPS_RBD_ENCRYPTION_LUKS_ANY
    capability
  qemu: add luks-any encryption support for RBD images

 docs/formatstorageencryption.rst              |  9 ++++
 src/conf/schemas/storagecommon.rng            |  1 +
 src/conf/storage_encryption_conf.c            |  2 +-
 src/conf/storage_encryption_conf.h            |  1 +
 src/libvirt_private.syms                      |  1 +
 src/qemu/qemu_block.c                         | 10 ++++-
 src/qemu/qemu_capabilities.c                  |  2 +
 src/qemu/qemu_capabilities.h                  |  1 +
 src/qemu/qemu_domain.c                        | 32 +++++++++++++-
 .../caps_8.0.0.x86_64.replies                 |  7 +++
 .../caps_8.0.0.x86_64.xml                     |  1 +
 ...k-rbd-encryption-luks-any.x86_64-7.2.0.err |  1 +
 ...rbd-encryption-luks-any.x86_64-latest.args | 38 ++++++++++++++++
 .../disk-network-rbd-encryption-luks-any.xml  | 39 ++++++++++++++++
 tests/qemuxml2argvtest.c                      |  2 +
 ...-rbd-encryption-luks-any.x86_64-latest.xml | 44 +++++++++++++++++++
 tests/qemuxml2xmltest.c                       |  1 +
 17 files changed, 187 insertions(+), 5 deletions(-)
 create mode 100644
tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-7.2.0.err
 create mode 100644
tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/disk-network-rbd-encryption-luks-any.xml
 create mode 100644
tests/qemuxml2xmloutdata/disk-network-rbd-encryption-luks-any.x86_64-latest.xml

-- 
2.25.1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[PATCH v1 0/3] qemu: add luks-any encryption support for RBD images